Secret Service head calls for cybersecurity cooperation
Companies should report data thefts, says Ralph Basham
IDG News Service - Companies with compromised data have a duty to report that information to investigators to keep others from being victimized, the director of the U.S. Secret Service said yesterday.
The Secret Service, which has jurisdiction to investigate financial crimes as well as protect the U.S. president, is working hard to prevent Internet-related crimes such as identity theft, but it needs assistance from private companies, said Secret Service Director Ralph Basham, who spoke at an event on organized cybercrime in Washington. The event was sponsored by the Business Software Alliance and the Center for Strategic & International Studies (CSIS).
"Information is the world's new currency; information has value," Basham said. "Information discloses our vulnerabilities and systemic weaknesses, and therefore ... compromises of information must be aggressively investigated."
Compromises that affect just one company are increasingly rare in a world connected by the Internet, he said. "The days when a single institution guards the system intrusion as a secret are no longer acceptable," Basham said. "An intrusion for one represents a collective threat for us all."
Still, the sharing of information between law enforcement agencies and private industry needs significant improvement, said a group of IT security experts at a panel discussion after Basham's remarks. Technology that could help reduce cybercrime does exist, but law enforcement agencies conducting investigations often don't immediately share information about new threats, said Albert Sisto, president and CEO of Phoenix Technologies Ltd., a security software vendor in Milpitas, Calif.
Federal law enforcement agencies are trying to share more information, but it's often difficult to disclose information without compromising an active investigation, said Kimberly Peretti, a lawyer in the Computer Crime and Intellectual Property Division at the U.S Department of Justice.
The Secret Service is working on ways to distribute information faster, said Brian Nagel, assistant director for investigations at the Secret Service.
Most panelists agreed that technology can help fight organized cybercrime, but they also called for other changes, including better international cooperation among law enforcement agencies and more tools and training for law enforcement agents. Cybercrime cases cost more to investigate than traditional crime, Nagel said.
A combination of technology, law enforcement resources and laws are needed to combat cybercrime, said Bill Conner, CEO and chairman of Entrust Inc., a security vendor in Addison, Texas.
But a number of federal laws passed in recent years haven't done as much to raise awareness about data security as one California bill requiring companies with data breaches to notify victims that became law in 2003, he said. Other states are



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
- Protecting Point of Sale Systems from Targeted Attack
- If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on...
- From the Frontline - Preventing APT
- Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command...
- Stop Hackers Before They Attack
- Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn...
- The four rules of complete web protection
- As an IT manager you've always known the web is a dangerous place. But with infections growing and the demands on your time... All Cybercrime and Hacking White Papers
- WikiLeaks: How am I Affected?
- The latest WikiLeaks episode has raised questions about how organizations and governments protect their sensitive information. While this incident was isolated, it has...
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn... All Cybercrime and Hacking Webcasts